SecuritySpace - CVE-2017-2591

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-2591

Description: 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.

Test IDs: 1.3.6.1.4.1.25623.1.1.10.2017.0028

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-2591
BugTraq ID: 95670
http://www.securityfocus.com/bid/95670

CVE ID:	CVE-2017-2591
Description:	389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.
Test IDs:	1.3.6.1.4.1.25623.1.1.10.2017.0028
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2591 BugTraq ID: 95670 http://www.securityfocus.com/bid/95670